readme updates

This commit is contained in:
bauthard 2020-10-08 14:33:57 +05:30
parent 0867396482
commit 977734726b

136
README.md
View File

@ -42,28 +42,29 @@ httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers usi
- Supports hosts, URLs and CIDR as input. - Supports hosts, URLs and CIDR as input.
- Handles edge cases doing retries, backoffs etc for handling WAFs. - Handles edge cases doing retries, backoffs etc for handling WAFs.
### Supported **httpx** probes:- ### Supported probes:-
| Probes | Status | | Probes | Status | Default check |
|--------------------|---------| |--------------------|---------|-----------------|
| URL | ✔ | | URL | ✔ | true |
| Title | ✔ | | Title | ✔ | true |
| Status Code | ✔ | | Status Code | ✔ | true |
| Content Length | ✔ | | Content Length | ✔ | true |
| TLS Certificate | ✔ | | TLS Certificate | ✔ | true |
| CSP Header | ✔ | | CSP Header | ✔ | true |
| HTTP2 | ✔ | | HTTP2 | ✔ | false |
| HTTP 1.1 Pipeline | ✔ | | HTTP 1.1 Pipeline | ✔ | false |
| Virtual host | ✔ | | Virtual host | ✔ | false |
| Location Header | ✔ | | Location Header | ✔ | true |
| Web Server | ✔ | | Web Server | ✔ | true |
| Web Socket | ✔ | | Web Socket | ✔ | true |
| Path | ✔ | | Path | ✔ | false |
| Ports | ✔ | | Ports | ✔ | false |
| Request method | ✔ | | Request method | ✔ | false |
| Ip | ✔ | | IP | ✔ | true |
| CNAME | ✔ | | CNAME | ✔ | true |
| CDN | ✔ | | CDN | ✔ | false |
| Response Time | ✔ | true |
# Installation Instructions # Installation Instructions
@ -105,52 +106,53 @@ This will display help for the tool. Here are all the switches it supports.
| Flag | Description | Example | | Flag | Description | Example |
|-------------------------|---------------------------------------------------------|----------------------------------------------------| |-------------------------|---------------------------------------------------------|----------------------------------------------------|
| -H | Custom Header input | httpx -H 'x-bug-bounty: hacker' | | H | Custom Header input | httpx -H 'x-bug-bounty: hacker' |
| -follow-redirects | Follow URL redirects (default false) | httpx -follow-redirects | | follow-redirects | Follow URL redirects (default false) | httpx -follow-redirects |
| -follow-host-redirects | Follow URL redirects only on same host(default false) | httpx -follow-host-redirects | | follow-host-redirects | Follow URL redirects only on same host(default false) | httpx -follow-host-redirects |
| -http-proxy | URL of the proxy server | httpx -http-proxy hxxp://proxy-host:80 | | http-proxy | URL of the proxy server | httpx -http-proxy hxxp://proxy-host:80 |
| -l | File containing HOST/URLs/CIDR to process | httpx -l hosts.txt | | l | File containing HOST/URLs/CIDR to process | httpx -l hosts.txt |
| -no-color | Disable colors in the output. | httpx -no-color | | no-color | Disable colors in the output. | httpx -no-color |
| -o | File to save output result (optional) | httpx -o output.txt | | o | File to save output result (optional) | httpx -o output.txt |
| -json | Prints all the probes in JSON format (default false) | httpx -json | | json | Prints all the probes in JSON format (default false) | httpx -json |
| -vhost | Probes to detect vhost from list of subdomains | httpx -vhost | | vhost | Probes to detect vhost from list of subdomains | httpx -vhost |
| -threads | Number of threads (default 50) | httpx -threads 100 | | threads | Number of threads (default 50) | httpx -threads 100 |
| -http2 | HTTP2 probing | httpx -http2 | | http2 | HTTP2 probing | httpx -http2 |
| -pipeline | HTTP1.1 Pipeline probing | httpx -pipeline | | pipeline | HTTP1.1 Pipeline probing | httpx -pipeline |
| -ports | Ports ranges to probe (nmap syntax: eg 1,2-10,11) | httpx -ports 80,443,100-200 | | ports | Ports ranges to probe (nmap syntax: eg 1,2-10,11) | httpx -ports 80,443,100-200 |
| -title | Prints title of page if available | httpx -title | | title | Prints title of page if available | httpx -title |
| -path | Request path/file | httpx -path /api | | path | Request path/file | httpx -path /api |
| -content-length | Prints content length in the output | httpx -content-length | | content-length | Prints content length in the output | httpx -content-length |
| -ml | Match content length in the output | httpx -content-length -ml 125 | | ml | Match content length in the output | httpx -content-length -ml 125 |
| -fl | Filter content length in the output | httpx -content-length -fl 0,43 | | fl | Filter content length in the output | httpx -content-length -fl 0,43 |
| -status-code | Prints status code in the output | httpx -status-code | | status-code | Prints status code in the output | httpx -status-code |
| -mc | Match status code in the output | httpx -status-code -mc 200,302 | | mc | Match status code in the output | httpx -status-code -mc 200,302 |
| -fc | Filter status code in the output | httpx -status-code -fc 404,500 | | fc | Filter status code in the output | httpx -status-code -fc 404,500 |
| -tls-probe | Send HTTP probes on the extracted TLS domains | httpx -tls-probe | | tls-probe | Send HTTP probes on the extracted TLS domains | httpx -tls-probe |
| -content-type | Prints content-type | httpx -content-type | | content-type | Prints content-type | httpx -content-type |
| -location | Prints location header | httpx -location | | location | Prints location header | httpx -location |
| -csp-probe | Send HTTP probes on the extracted CSP domains | httpx -csp-probe | | csp-probe | Send HTTP probes on the extracted CSP domains | httpx -csp-probe |
| -web-server | Prints running web sever if available | httpx -web-server | | web-server | Prints running web sever if available | httpx -web-server |
| -sr | Store responses to file (default false) | httpx -store-response | | sr | Store responses to file (default false) | httpx -store-response |
| -srd | Directory to store response (default output) | httpx -store-response-dir output | | srd | Directory to store response (default output) | httpx -store-response-dir output |
| -unsafe | Send raw requests skipping golang normalization | httpx -unsafe | | unsafe | Send raw requests skipping golang normalization | httpx -unsafe |
| -request | File containing raw request to process | httpx -request | | request | File containing raw request to process | httpx -request |
| -retries | Number of retries | httpx -retries | | retries | Number of retries | httpx -retries |
| -silent | Prints only results in the output | httpx -silent | | silent | Prints only results in the output | httpx -silent |
| -timeout | Timeout in seconds (default 5) | httpx -timeout 10 | | timeout | Timeout in seconds (default 5) | httpx -timeout 10 |
| -verbose | Verbose Mode | httpx -verbose | | verbose | Verbose Mode | httpx -verbose |
| -version | Prints current version of the httpx | httpx -version | | version | Prints current version of the httpx | httpx -version |
| -x | Request Method (default 'GET') | httpx -x HEAD | | x | Request Method (default 'GET') | httpx -x HEAD |
| -method | Output requested method | httpx -method | | method | Output requested method | httpx -method |
| -response-in-json | Include response in stdout (only works with -json) | httpx -response-in-json | | response-time | Output the response time | httpx -response-time |
| -websocket | Prints if a websocket is exposed | httpx -websocket | | response-in-json | Include response in stdout (only works with -json) | httpx -response-in-json |
| -ip | Prints the host IP | httpx -ip | | websocket | Prints if a websocket is exposed | httpx -websocket |
| -cname | Prints the cname record if available | httpx -cname | | ip | Prints the host IP | httpx -ip |
| -cdn | Check if domain's ip belongs to known CDN | httpx -cdn | | cname | Prints the cname record if available | httpx -cname |
| -filter-string | Filter results based on filtered string | httpx -filter-string XXX | | cdn | Check if domain's ip belongs to known CDN | httpx -cdn |
| -match-string | Filter results based on matched string | httpx -match-string XXX | | filter-string | Filter results based on filtered string | httpx -filter-string XXX |
| -filter-regex | Filter results based on filtered regex | httpx -filter-regex XXX | | match-string | Filter results based on matched string | httpx -match-string XXX |
| -match-regex | Filter results based on matched regex | httpx -match-regex XXX | | filter-regex | Filter results based on filtered regex | httpx -filter-regex XXX |
| match-regex | Filter results based on matched regex | httpx -match-regex XXX |
### Running httpx with stdin ### Running httpx with stdin